Natisha Bailey

Education: Master of Science - MS

Cybersecurity

Webster University

2018 : 2021

Bachelor of Science (BS)

Computer Science

Texas State University

2002



Computer Science

Southern University and Agricultural and Mechanical College at Baton Rouge

Experience: · Serve as a Cybersecurity Engineer that supports Cybersecurity and Infrastructure Security Agency (CISA) Cybersecurity Division to mitigate threats to critical infrastructure and increase the security of critical networks.

•Serves as the Security Lead for Cyber Mission Infrastructure Enabling Services (CMIES) value stream supporting CD by delivering security threat detection and incident response services leveraging automation, orchestration, and artificial intelligent solutions.

· Responsible for implementing security engineering technical expertise to ensure CD cybersecurity solutions are integrated systems of people, processes, and technology designed to protect and defend IT from threats.

· Manage six CMIES sections to include assigning security staff to provide technical expertise, ensure A&A packages are prepared, monitor A&A progress, adjust resources and priorities to support NCPS objectives.

· Manage tool sets for cyber logging, endpoint, and boundary protection to secure the MOE environment.

· Perform security engineering tasks for DSO since 2019, responsible for updating A&A documentation (ConOps, SAG, SDD, and SSP), develop POA&Ms, identify and analyze vulnerability/compliance findings within the environment.

· Oversees the preparation of CISA A&A package to include developing POA&Ms, authoring security documentation, such as Systems Security Plan (SSP).

· Provides weekly status reports and monthly FISMA scorecard of each CMIES system and application to include status of POA&M, waivers, and risk acceptance requests.

· Liaison between System Owners, Information System Security Manager, and Information System Security Officer to coordinate and perform complex security data analysis and test on development systems.

· Responsible for identifying, analyzing, triaging, reporting, and remediating security findings to maintain a secure security posture.

2019 : Present

KForce– DHS/CISA

Cybersecurity Lead/Senior Cybersecurity Engineer

· Served as an Information Assurance (IA) Engineer that supports Security and Information Assurance, Information Security Vulnerability Management (ISVM) and Patch Management services to protect the Intelligence Community (IC) and other mission partner cybersecurity efforts from cyber threats across Department of Homeland Security (DHS) and the Intelligence Community (IC)

· Acted as a liaison between System Owners, Security Control Assessors (SCA), and System Engineer to coordinate and perform complex security test data analysis on a wide range of classified IT systems

· Responsible for end-to-end project management, demonstrating ownership of the entire process from beginning to end, including but limited to identifying, analyzing, and reporting security findings

· Managed and conducted cybersecurity compliance, risk and vulnerability assessments at the network, system and application level in accordance with DHS National Security Systems Policy and DHS Sensitive Compartmented Information Policy

· Oversaw the execution of security patch management, information assurance audit processes and response activities in support of tool Risk Management Framework (RMF) using tools such as LanDesk, Nessus, SCAP, and RSA Archer

· Authored system security vulnerability reports identifying patterns and trends to determine the security posture of the IT infrastructure

· Identified root cause, scope, severity of each vulnerability and compiled findings into monthly, quarterly, and annual analytical reports to include, but not limited to Federal Information Security Management Act (FISMA), Continuous Monitoring Reporting, JWICS Connection Approval Process

· Managed the performance of vulnerability assessments, compliance testing, analyzed security requirements and recommended mitigation strategies to address security risks for DHS sites and information systems

· Reviewed, tracked, and managed the status of plans of action and milestones (POA&Ms) to completion

2017 : 2019

ASRC FEDERAL - DHS

Vulnerability Management Lead/Information Assurance Engineer

•Served as a Cybersecurity Engineer/Analyst for Joint Chief of Staff Integrated Network Support Services and Joint Service Providers (JSP)

•Maintained integrated programs to protect the integrity, confidentiality, and availability of the organization's technology infrastructures and information resources

•Coordinated incidents related to Personally Identifiable Information (PII), the spillage of classified/sensitive information, evidence of misuse, policy violations, and insider threats to increase the security posture

•Oversaw security engineering aspects and design issues of three physical locations for Bluecoat appliances

•Managed and configured Blue Coat appliances which include configuring policy rules, exceptions, and notifications

•Monitored web traffic and control resource performance to ensure high quality transmission

•Enforced computer network defense (CND) activities including, vulnerability management, incident triage, Personal Identifiable Information (PII) loss reporting, classified spillage reporting and wireless scanning

•Monitored, performed health check and troubleshot Proxy, Proxy Anti-Virus (ProxyAV), Reporter and Blue Coat Authentication and Authorization Agent (BCAAA)

•Conducted forensic investigations on all aspects of digital evidence including, but not limited to data spillage, full packet captures, security event analysis, and malware analysis on data collected from end points

•Analyzed log files to capture system of record, correlate data sources, identify potential threats, detect abnormal, suspicious and malicious activity

•Prepared detailed reports, documents and oral presentations on network security vulnerabilities, recommendations, and emerging threats

•Utilized IDS/IPS, session data, full-content data, network forensics and host-based tools for events and anomalies

2016 : 2018

Chairman of the Joint Chiefs of Staff/Joint Service Providers (JSP) - ASD/CSRA

Cybersecurity Engineer/Analyst

•Served as an Information Systems Security Officer on the Assessment and Accreditation (A&A) team for Headquarters Department of the Army (HQDA) and Joint Service Provider (JSP) within the Cyber Security Center

•Formulated, interpret, and disseminate Cybersecurity and Information Systems Security (ISS) policies and procedures via Risk Management Framework (RMF) and transition from DIACAP (DoD Information Assurance Certification and Accreditation Process) approved processes

•Lead team in drafting Assessment and Accreditation (A&A) policy and procedure manual to ensure information systems are equipped to defend against unauthorized access to systems, networks, and data

•Implemented assessment and authorization (certification and accreditation - C&A) processes for all Department of Defense (DoD) information, technologies and services

•Managed the assessment & authorization program ensuring expirations are tracked and advanced suspense notifications are disseminated to accountable parties

•Advised and assisted in preparation and submission of Authorization to Operate (ATO) packages to Authorizing Official (AO) for approval

•Monitored, evaluated, and reported security posture documentation to Information System Security Manager (ISSM) for Authorizing Official (AO) risk acceptance

•Implemented protective or corrective measures if a security problem exists; review Security Plans and track Plan of Action Milestones (POA&M) until security deficiencies are closed

•Conducted security assessment to ensure DoD entities are in compliance with Defense Information Systems Agency (DISA) standards and regulations, including but, not limited to site surveys and pre-Command Cyber Readiness Inspection (CCRI)

2015 : 2016

L-3 Communications/CACI

Information Systems Security Officer (ISSO)

•Served as a Cybersecurity Technology Consultant and Information Technology Specialist for the Marine Corps Network Operations and Security Center (MCNOSC) to protect the Marine Corps Enterprise Network (MCEN)

•Operated and managed all aspects of Information Systems (IS), data availability, integrity, authentication, confidentiality and non-repudiation

•Resolved critical problems which was a direct impact on the network, Active Directory, domain controllers and system configuration, and integration processes

•Provided computer imaging via System Center Configuration Manager (SCCM) and provide IAVA patching.

•Performed daily system checks, reviewed and responded to events reflected in various management tools, performed server patch management

•Maintained file servers and network access; documented and analyzed system anomalies to ensure optimum equipment performance

•Provided Domain Name Service (DNS) management and certificate service for server farm assets and websites

•Monitored Microsoft Threat Management Gateway (TMG) server activity and performance using alerts, logging, reporting and real-time monitoring

•Created, tested and deployed group policy objects (GPOSs) within the directory service

•Created, modified, deleted, and provided group policy (GP) management to support multiple missions across the MCEN

•Supervised the installation, operation, troubleshooting, security, and maintenance of the Automated Message Handling System (AMHS)

•Assisted MCNOSC DCOS Defensive Cyber Security Operations Section (DCOS) clients (e.g., Red Team and Mitigation Action Team) in articulating and defining their business requirements

•Prepared business case justification for technical investment decisions

•Developed and executed government approved security policies, plans and procedures

•Provided system administration including but, not limited to an array of hardware/softwar

Company: KForce– DHS/CISA

Years of Experience: 15